Commit graph

43877 commits

Author SHA1 Message Date
Igor Babaev
2c9844a438 MDEV-18896 Crash in convert_join_subqueries_to_semijoins : Correction
This patch complements the original patch for MDEV-18896 that prevents
conversions to semi-joins in tableless selects used in INSERT statements
in post-5.5 versions of the server.
The test case was corrected as well to ensure that potential conversion
to jtbm semi-joins is also checked (the problem was that one of
the preceeding testcases in subselect_sj.test did not restore the
state of the optimizer switch leaving the 'materialization' in the state
'off' and so blocking this check).
Noticed an inconsistency in the state of select_lex::table_list used
in INSERT statements and left a comment about this.
2019-05-19 11:44:34 -07:00
Aleksey Midenkov
aba9115426 MDEV-19349 mysql_install_db: segfault at tmp_file_prefix check 2019-05-01 10:15:29 +02:00
Sergei Golubchik
da0e00e710 Bug#28986737: RENAMING AND REPLACING MYSQL.USER TABLE CAN LEAD TO A SERVER CRASH 2019-04-25 21:43:31 +02:00
Sergei Golubchik
2be3ab9776 MDEV-15907 ASAN heap-use-after-free in strnmov / .. / fill_effective_table_privileges on concurrent GRANT and CREATE VIEW
rename a test file.

Closes 
2019-04-24 11:15:38 +02:00
Robert Bindar
e52a4ab693 MDEV-15907 ASAN heap-use-after-free
This patch fixes an invalid read in fill_effective_table_privileges
triggered by a grant_version increase between a PREPARE for a
statement creating a view from I_S and EXECUTE.
A tmp table was created and free'd while preparing the statement,
TABLE_LIST::table_name was set to point to the tmp table
TABLE_SHARE::table_name which no longer existed after preparing was
done.
The grant version increase made fill_effective_table_privileges
called during EXECUTE to try fetch the updated grant info and
this is where the dangling table name was used.
2019-04-24 11:15:38 +02:00
Sergei Golubchik
5d510fdbf0 MDEV-18507 can't update temporary table when joined with table with triggers on read-only
triggers are opened and tables used in triggers are prelocked in
open_tables(). But multi-update can detect what tables will actually
be updated only later, after all main tables are opened.

Meaning, if a table is used in multi-update, but is not actually updated,
its on-update treggers will be opened and tables will be prelocked,
even if it's unnecessary. This can cause more tables to be
write-locked than needed, causing read_only errors, privilege errors
and lock waits.

Fix: don't open/prelock triggers unless table->updating is true.
In multi-update after setting table->updating=true, do a second
open_tables() for newly added tables, if any.
2019-04-24 11:15:38 +02:00
Sergei Golubchik
5057d46375 bugfix: multi-update checked privileges on views incorrectly
it always required UPDATE privilege on views, not being able to detect
when a views was not actually updated in multi-update.

fix: instead of marking all tables as "updating" by default,
only set "updating" on tables that will actually be updated
by multi-update. And mark the view "updating" if any of the
view's tables is.
2019-04-24 11:15:38 +02:00
Sergei Golubchik
822071ca5b MDEV-18241 Downgrade from 10.4 to 10.3 crashes
privilege tables can never be views or temporary tables,
don't even try to open them, if they are.
2019-04-24 11:15:38 +02:00
Sergei Golubchik
66099b8f2d cleanup 2019-04-24 11:15:38 +02:00
Vladislav Vaintroub
370886a9e2 MDEV-17610 Unexpected connection abort after certain operations from within stored procedure
Always set SERVER_MORE_RESULTS_EXIST when executing stored procedure statements

If statements produce a result, EOF packet needs this flag (SP ends
with an OK packet). IF statetement does not produce a result, affected rows
count are part of the final OK packet.
2019-04-04 15:35:22 +01:00
Bernhard M. Wiedemann
cfe0fe1ad1 Fix tests in 2020
unfortunately, the year 2038 problem prevented me from pushing
the deadline even further into the future.
2019-03-26 00:56:41 +04:00
Chris Calender
d8b7e76c37 Fix for MDEV-18276, typo in error message + all other occurrences of refering 2019-03-23 00:00:47 +04:00
chriscalender
f00e25b4c4 Fix for MDEV-15538, '-N' Produce html output wrong 2019-03-22 01:01:59 +04:00
Igor Babaev
0dd12b4f2a MDEV-18896 Crash in convert_join_subqueries_to_semijoins
If an IN-subquery is used in a table-less select the current code
should never consider it as candidate for semi-join optimizations.
Yet the function check_and_do_in_subquery_rewrites() improperly
checked the property "to be a table-less select". As a result
such select in IN subquery was used in INSERT .. SELECT then
the IN subquery by mistake was registered as a semi-join subquery
and convert_subq_to_sj() was called for it. However the code of
this function does not assume that the parent select of the subquery
could be a table-less select.
2019-03-14 17:41:35 -07:00
Oleksandr Byelkin
cb11b3fbe9 MDEV-17055: Server crashes in find_order_in_list upon 2nd (3rd) execution of SP with UPDATE
1. Always drop merged_for_insert flag on cleanup (there could be errors which prevent TABLE to be assigned)
2. Make more precise cleanup of select parts which was touched
2019-02-28 18:14:53 +01:00
Varun Gupta
6092093cb9 MDEV-15950: LOAD DATA INTO compex_view crashed
For multi-table views with LOAD, updates are not allowed, so
we should just throw an error.
2019-01-30 19:35:40 +05:30
Varun Gupta
08c05b5f34 MDEV-15744: Assertion `derived->table' failed in mysql_derived_merge_for_insert
For singe-table views, we need to find the bottom most base table in the embedded views
and then update that table
2019-01-29 14:52:24 +02:00
Sergei Golubchik
2175bfce3e Crude "auto-load-data-local-infile" mode
Disable LOAD DATA LOCAL INFILE suport by default and
auto-enable it for the duration of one query, if the query
string starts with the word "load". In all other cases the application
should enable LOAD DATA LOCAL INFILE support explicitly.
2019-01-27 18:54:12 +01:00
Sergei Golubchik
a8da66f8c5 Bug : INCORRECT BEHAVIOR WITH UNION IN SUBQUERY
test case
2019-01-23 12:39:17 +01:00
Oleksandr Byelkin
1ecccb509c MDEV-17085: CHECKSUM TABLE EXTENDED does not work correctly
The problem was in calculating of the mask to clear unused null bits in case of using full byte.
2019-01-16 13:57:22 +01:00
Sergei Golubchik
2450fd67ed fix the test for 2019 2019-01-02 12:03:15 +01:00
Sergey Vojtovich
15eaeace39 MDEV-16987 - ALTER DATABASE possible in read-only mode
Forbid ALTER DATABASE under read_only.
2018-12-13 20:52:23 +04:00
Alexander Barkov
1956695c69 MDEV-17724 Wrong result for BETWEEN 0 AND 18446744073709551615
The fix for "MDEV-17698 MEMORY engine performance regression"
previously fixed this problem.

- Adding the test for MDEV-17724
- Re-recording wrong results for tests:
  * engines/iuds/r/insert_number
  * engines/iuds/r/update_delete_number
  which started to fail since MDEV-17698
2018-11-15 16:45:43 +04:00
Sergei Golubchik
b7eca63620 fix the test to clean after itself
followup for c32f7ed235
2018-11-01 18:47:53 +01:00
Sergei Golubchik
c32f7ed235 MDEV-17377 invalid gap in auto-increment values after LOAD DATA
reset lex->many_values for LOAD DATA, as it's used for
auto-inc range size estimation.
2018-11-01 16:18:17 +01:00
Alexey Botchkov
57898316b6 MDEV-17256 Decimal field multiplication bug.
We should clear trailing zeroes in frac part. Otherwise
that tail is growing quickly and forces unnecessary truncating of
arguments.
2018-10-30 18:15:41 +04:00
Sergei Golubchik
f9e5195b40 Merge branch 'mysql/5.5' into 5.5 2018-10-23 15:59:24 +02:00
Sergei Golubchik
d851dd619f MDEV-13912 mysql_upgrade: case (in)sensitivity for stored procedures
mysql_upgrade used to convert all columns of mysql.db to
utf8_general_ci and then back to utf8_bin. In two separate ALTER's.

This failed if UNIQUE indexes in mysql.db contained entries
that differ only in the letter case.
2018-10-19 20:18:41 +02:00
Igor Babaev
0b7339eb45 MDEV-17382 Hash join algorithm should not be used to join materialized
derived table / view by equality

Now rows of a materialized derived table are always put into a
temporary table before join operation. If BNLH is used to join this
table with the result of a partial join then both operands of the
join are actually put into main memory. In most cases this is not
efficient.
We could avoid this by sending the rows of the derived table directly
to the join operation. However this kind of data flow is not supported
yet.
Fixed by not allowing usage of hash join algorithm to join a materialized
derived table if it's joined by an equality predicate of the form
f=e where f is a field of the derived table.
2018-10-07 10:19:19 -07:00
Alexander Barkov
935a163dd9 MDEV-17244 MAKETIME(900,0,0.111) returns a wrong result 2018-09-20 16:51:56 +04:00
Alexander Barkov
0c6455aa46 MDEV-17249 MAKETIME(-1e50,0,0) returns a wrong result 2018-09-20 16:02:58 +04:00
Sergei Golubchik
ff34436a2e Bug#27230925: HANDLE_FATAL_SIGNAL (SIG=11) IN SHOW_ROUTINE_GRANTS
test case
2018-09-04 08:31:46 +02:00
Sergei Golubchik
14ddcb1ff2 Bug#27407480: AUTOMATIC_SP_PRIVILEGES REQUIRES NEED THE INSERT PRIVILEGES FOR MYSQL.USER TABLE
A test case and a followup fix
2018-09-04 08:31:46 +02:00
Oleksandr Byelkin
796d54df11 MDEV-16957: Server crashes in Field_iterator_natural_join::next upon 2nd execution of SP
The problem was that join_columns creation was not finished due to error of notfound column in USING, but next execution tried to use join_columns lists.

Solution is cleanup the lists on error. It can eat memory in statement MEM_ROOT but it is an error and error will be fixed or statement/procedure removed/altered.
2018-08-31 17:07:43 +02:00
Oleksandr Byelkin
1b797e9e63 MDEV-15475: Assertion `!table || (!table->read_set || bitmap_is_set(table->read_set, field_index))' failed on EXPLAIN EXTENDED with constant table and view
Print constant ISNULL value independent.
Fix of printing of view FRM and CREATE VIEW output
2018-08-15 14:23:07 +02:00
Sergei Golubchik
3ff0801c73 MDEV-16810 AddressSanitizer: stack-buffer-overflow in int10_to_str
truncate incorrect values in convert_period_to_month() so that
PERIOD_DIFF never returns a value outside of 2^23 range.

And, for safety, increase buffer sizes for int10_to_str
to be sufficienly big for any int10_to_str result.
2018-08-11 12:19:46 +02:00
Oleksandr Byelkin
fceda2dab6 Merge remote-tracking branch 'mysql/5.5' into 5.5
We do not accept:
1. We did not have this problem (fixed earlier and better)
 d982e717ab Bug#27510150: MYSQLDUMP FAILS FOR SPECIFIC --WHERE CLAUSES
2. We do not have such options (an DBUG_ASSERT put just in case)
 bbc2e37fe4 Bug#27759871: BACKRONYM ISSUE IS STILL IN MYSQL 5.7
3. Serg fixed it in other way in this release:
 e48d775c6f Bug#27980823: HEAP OVERFLOW VULNERABILITIES IN MYSQL CLIENT LIBRARY
2018-07-29 13:10:29 +02:00
Varun Gupta
bd0b368119 Fix added along with a test for a case missed in the patch for MDEV-16751 2018-07-27 11:34:34 +05:30
Varun Gupta
37dee22d27 MDEV-15454: Nested SELECT IN returns wrong results
In this case we are setting the field Item_func_eq::in_eqaulity_no for the semi-join equalities.
This helps us to remove these equalites as the inner tables are not available during parent select execution
while the outer tables are not available during materialization phase.
We only have it set for the equalites for the fields involved with the IN subquery
and reset it for the equalities which do not belong to the IN subquery.

For example in case of nested IN subqueries:

    SELECT t1.a FROM t1 WHERE t1.a IN
      (SELECT t2.a FROM t2 where t2.b IN
          (select t3.b from t3 where t3.c=27 ))

there are two equalites involving the fields of the IN subquery

1) t2.b = t3.b :  the field Item_func_eq::in_eqaulity_no is set when we merge the grandchild select into the child select
2) t1.a = t2.a :  the field Item_func_eq::in_eqaulity_no is set when we merge the child select into the parent select

But when we perform case 2) we should ensure that we reset the equalities in the child's WHERE clause.
2018-07-25 21:21:27 +05:30
Varun Gupta
f9b43c2565 MDEV-16751: Server crashes in st_join_table::cleanup or TABLE_LIST::is_with_table_recursive_reference
with join_cache_level>2

During muliple equality propagation for a query in which we have an IN subquery, the items in the select list of the
subquery may not be part of the multiple equality because there might be another occurence of the same field in the
where clause of the subquery.
So we keyuse_is_valid_for_access_in_chosen_plan function which expects the items in the select list of the subquery to
be same to the ones in the multiple equality (through these multiple equalities we create keyuse array).
The solution would be that we expect the same field not the same Item because when we have SEMI JOIN MATERIALIZATION SCAN,
we use copy back technique to copies back the materialised table fields to the original fields of the base tables.
2018-07-25 14:20:16 +05:30
Igor Babaev
d567f1611e MDEV-16820 Lost 'Impossible where' from query with inexpensive subquery
This patch fixes another problem introduced by the patch for mdev-4817.
The latter changed Item_cond::fix_fields() in such a way that it could
call the virtual method is_expensive(). With the first its call
the method saves the result in Item::is_expensive_cache. For all next
calls the method returns the result from this cache. So if the item
once was determined as expensive the method always returns true.
For subqueries it's not good, because non-optimized subqueries always
is considered as expensive.
It means that the cache should be invalidated after the call of
optimize_constant_subqueries().
2018-07-24 20:00:28 -07:00
Karthik Kamath
1501557987 BUG#27788685: NO WARNING WHEN TRUNCATING A STRING WITH DATA
LOSS

ANALYSIS:
=========
When converting from a BLOB/TEXT type to a smaller
BLOB/TEXT type, no warning/error is reported to the user
informing about the truncation/data loss.

FIX:
====
We are now reporting a warning in non-strict mode and an
appropriate error in strict mode.
2018-07-23 10:16:58 +05:30
Igor Babaev
9cea4ccf12 MDEV-16726 Assertion `tab->type == JT_REF || tab->type == JT_EQ_REF' failed
Due to a legacy bug in the code of make_join_statistics() detecting
so-called constant tables could miss some of them in rare queries
that used RIGHT JOIN. As a result these queries had execution plans
different from the execution plans of the equivalent queries with
LEFT JOIN.
Besides starting from 10.2 this could trigger an assertion failure.
2018-07-19 15:31:46 -07:00
Sergei Petrunia
2fbf2277ff MDEV-15982: Incorrect results when subquery is materialized
fix_semijoin_strategies_for_picked_join_order() should set
join->sjm_lookup_tables to be a bitmap of tables inside
SJ-Materialization-Lookup nests.
2018-07-11 10:43:38 +03:00
Varun Gupta
24a0a74f5d MDEV-16307: Incorrect results when using BNLH join instead of BNL join with views
In this issue we are using derived_with_keys optimization and we are using these keys to do a hash join which is incorrect.
We cannot create keys for dervied tables whose keyparts have types are of BLOB or TEXT type. TEXT or BLOB  columns can only be
indexed over a specified length.
2018-07-10 13:54:04 +05:30
Igor Babaev
90cb721274 MDEV-16603 Crash with set join_cache_level=4
When the definition of the index used for hash join was created
in create_hj_key_for_table() it could cause memory overwrite
due to a bug that led to an underestimation of the number of
the index component.
2018-06-29 22:46:38 -07:00
Michael Widenius
937c193188 Fixed MDEV-16512, crashing on re-execution of failing SP
MDEV-16512 Server crashes in find_field_in_table_ref on 2nd
execution of SP referring to non-existing field

Problem was in the natural join code that it changed TABLE_LIST and
Item_fields but didn't restore changed things if things goes wrong
and was not able to re-execute after failure.
Some of the problems could have been avoided if we would have run
fix_fields before doing natural join transformations.

Fixed by marking functions complete AFTER they had executed, instead at
start.
I had also to change some tests that checked if Item_fields are usable.

This doesn't fix all known problems, but at least avoids some crashes.
What should be done in the near future is to mark the statement in the SP
as 'not re-executable' and force a reparse of it on next execution.

Reviewer: Sergei Petrunia <psergey@askmonty.org>
2018-06-27 13:41:19 +03:00
Alexander Barkov
170b43c156 MDEV-16534 PPC64: Unexpected error with a negative value into auto-increment columns in HEAP, MyISAM, ARIA 2018-06-20 16:36:46 +04:00
Igor Babaev
147744d455 MDEV-16235 Server crashes in my_utf8_uni or in my_strtod_int upon
SELECT .. LIMIT 0 (new variant)

This is another attempt to fix the problem of mdev-14515.
2018-06-11 08:52:49 -07:00
Sergei Golubchik
6da8192174 mysqltest: Allow HANDLER READ in --ps-protocol tests
adjust tests
2018-06-11 09:57:54 +02:00